Update History.txt

Signed-off-by: Gaurav Aggarwal <[email protected]>

Author: aggarg

History.txt

@@ -1,5 +1,30 @@
 Documentation and download available at https://www.FreeRTOS.org/
 
+Changes between FreeRTOS V10.4.3 LTS Patch 2 and FreeRTOS V10.4.3 LTS Patch 3 released September 16 2022
+
+	+ ARMv7-M and ARMv8-M MPU ports: It is possible for a third party that
+	  already independently gained the ability to execute injected code to
+	  read from or write to arbitrary addresses by passing a negative argument
+	  as the xIndex parameter to pvTaskGetThreadLocalStoragePointer() or
+	  vTaskSetThreadLocalStoragePointer respectively.
+	  We thank Certibit Consulting, LLC for reporting this issue.
+	+ ARMv7-M and ARMv8-M MPU ports: It is possible for an unprivileged task to
+	  invoke any function with privilege by passing it as a parameter to
+	  MPU_xTaskCreate, MPU_xTaskCreateStatic, MPU_xTimerCreate,
+	  MPU_xTimerCreateStatic, or MPU_xTimerPendFunctionCall.
+	  We thank Huazhong University of Science and Technology for reporting this issue.
+	+ ARMv7-M and ARMv8-M ports: It is possible for a third party that has
+	  already independently gained the ability to execute injected code to
+	  achieve further privilege escalation by branching directly inside a
+	  FreeRTOS MPU API wrapper function with a manually crafted stack frame.
+	  We thank Certibit Consulting, LLC, Huazhong University of Science and
+	  Technology and the SecLab team at Northeastern University for reporting
+	  this issue.
+	+ ARMv7-M MPU ports: It is possible to configure overlapping memory
+	  protection unit (MPU) regions such that an unprivileged task can access
+	  privileged data.
+	  We thank the SecLab team at Northeastern University for reporting this issue.
+
 Changes between FreeRTOS V10.4.3 LTS Patch 1 and FreeRTOS V10.4.3 LTS Patch 2 released November 12 2021
 
 	+ ARMv7-M and ARMv8-M MPU ports – prevent non-kernel code from calling the